The Tor Project issueshttps://gitlab.torproject.org/groups/tpo/-/issues2024-03-27T22:03:10Zhttps://gitlab.torproject.org/tpo/web/community/-/issues/344[Onion Services] Replace mailing list tor-onions link to the Tor Forum Onion ...2024-03-27T22:03:10ZGus[Onion Services] Replace mailing list tor-onions link to the Tor Forum Onion Services categoryHere: https://community.torproject.org/onion-services/
_"Are you interested in learning more about onion services? Join our tor-onions mailing list to speak with other onion service operators. "_
We should consider changing the mailing...Here: https://community.torproject.org/onion-services/
_"Are you interested in learning more about onion services? Join our tor-onions mailing list to speak with other onion service operators. "_
We should consider changing the mailing list link to the Tor Forum: https://forum.torproject.org/c/support/onion-services/16.
(cc @rhatto)Silvio RhattoSilvio Rhatto2024-06-17https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40340Add a mechanism to retest the client NAT type2024-03-04T08:42:02ZCecylia BocovichAdd a mechanism to retest the client NAT typeWhile we do periodically retest the NAT type of proxies, a client's NAT type is only checked once on startup. The result is that if, after the initial check, a client's network conditions change, they may have difficulty connecting to pr...While we do periodically retest the NAT type of proxies, a client's NAT type is only checked once on startup. The result is that if, after the initial check, a client's network conditions change, they may have difficulty connecting to proxies in their pool. Since client usage of snowflake is much more time-sensitive than proxies, the trigger for a retest could be a threshold of a certain number of failed Datachannel attempts.https://gitlab.torproject.org/tpo/onion-services/onionbalance/-/issues/29Document about multiple MasterOnionAddress entries2024-02-20T17:58:20ZSilvio RhattoDocument about multiple MasterOnionAddress entriesDocument that multiple `MasterOnionAddress` lines are supported in the
`ob_config` file, so each backend service can work for multiple frontend
addresses.Document that multiple `MasterOnionAddress` lines are supported in the
`ob_config` file, so each backend service can work for multiple frontend
addresses.Onionbalance 0.2.3https://gitlab.torproject.org/tpo/onion-services/onionbalance/-/issues/28Migrate Onionbalance documentation to Onion MkDocs2024-02-22T22:19:20ZSilvio RhattoMigrate Onionbalance documentation to Onion MkDocsMigrate Onionbalance documentation from [Sphinx](https://www.sphinx-doc.org) to [Onion MkDocs][].
[Onion Mkdocs]: https://gitlab.torproject.org/tpo/web/onion-mkdocs/Migrate Onionbalance documentation from [Sphinx](https://www.sphinx-doc.org) to [Onion MkDocs][].
[Onion Mkdocs]: https://gitlab.torproject.org/tpo/web/onion-mkdocs/Onionbalance 0.2.3https://gitlab.torproject.org/tpo/onion-services/onionspray/-/issues/44Example configuration with Onionspray defaults2024-03-13T12:01:53ZSilvio RhattoExample configuration with Onionspray defaults# Description
It would be helpful for users if a canonical example configuration file had all/only Onionspray defaults.
# Tasks
* [ ] Create a `default.tconf` with just the default configuration, and
explanatory comments. Explai...# Description
It would be helpful for users if a canonical example configuration file had all/only Onionspray defaults.
# Tasks
* [ ] Create a `default.tconf` with just the default configuration, and
explanatory comments. Explain in the `example.tconf` that it's an example
that does not necessariliy has the default paramters. Or just rename
the `example.tconf` to `default.tconf`. Or something like that.
* [ ] Update the documentation accordingly.
# Time estimation
* Complexity: negligible (0.1 day)
* Uncertainty: low (x1.1)
* [Reference](https://jacobian.org/2021/may/25/my-estimation-technique/) (adapted)Onionspray 1.7.0https://gitlab.torproject.org/tpo/onion-services/cebollitas/-/issues/15Create examples with the Tor Expert Bundle2024-01-10T11:58:22ZSilvio RhattoCreate examples with the Tor Expert BundleCreate examples based on the [Tor Expert Bundle](https://www.torproject.org/download/tor/), without the need for Docker Compose or even Docker.
Examples could be created with step-by-step documentation or with shell scripts (bourne and ...Create examples based on the [Tor Expert Bundle](https://www.torproject.org/download/tor/), without the need for Docker Compose or even Docker.
Examples could be created with step-by-step documentation or with shell scripts (bourne and [PowerShell](https://en.wikipedia.org/wiki/PowerShell)) to be easy portable without requiring a full development environment.
An user with a computer (desktop, laptop, things like Raspberry Pi) could then just jump straight away into the examples.
This was something [we've learned](https://gitlab.torproject.org/tpo/community/training/-/issues/92#note_2901220) to be really important.https://gitlab.torproject.org/tpo/network-health/depictor/-/issues/28Show Shared Random Value reveal values as well as commits2024-01-08T08:35:33Zmicahmicah@torproject.orgShow Shared Random Value reveal values as well as commitsFor the Shared Random section of the site, we see the Commits, but the Reveals are not shown. They are in the votes, but consensus health is just not showing them on the website. These would be useful to show along with the commits, as i...For the Shared Random section of the site, we see the Commits, but the Reveals are not shown. They are in the votes, but consensus health is just not showing them on the website. These would be useful to show along with the commits, as its a two stage commit and reveal process.https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake-webext/-/issues/88Firefox Android support2024-02-27T11:18:30ZcypherpunksFirefox Android supportHi. 14 December, 2023 onwards, Firefox Android has now allowed all extensions to be installed on Android, as long as they are made (and marked as) compatible with it.
Could the Snowflake addon be updated to allow Android installs? Or is...Hi. 14 December, 2023 onwards, Firefox Android has now allowed all extensions to be installed on Android, as long as they are made (and marked as) compatible with it.
Could the Snowflake addon be updated to allow Android installs? Or is there any pending work before that can happen?https://gitlab.torproject.org/tpo/network-health/metrics/tor-check/-/issues/40016RTL support2023-12-18T08:55:11ZtorranRTL supporthttps://check.torproject.org/ doesn't have a RTL support, which is needed for languages like Arabic, Persian etc to be displayed correctly.https://check.torproject.org/ doesn't have a RTL support, which is needed for languages like Arabic, Persian etc to be displayed correctly.https://gitlab.torproject.org/tpo/web/tpo/-/issues/396don't use `<h*>` tags for styling text2023-12-21T11:35:05ZKezdon't use `<h*>` tags for styling text#336 found some places where `<h4>` and `<h5>` tags were being used to style text. this is contrary to the way those tags should be used, and can cause issues for e.g. [users with screenreaders](https://developer.mozilla.org/en-US/docs/W...#336 found some places where `<h4>` and `<h5>` tags were being used to style text. this is contrary to the way those tags should be used, and can cause issues for e.g. [users with screenreaders](https://developer.mozilla.org/en-US/docs/Web/HTML/Element/Heading_Elements#navigation) and violates [WCAG 2.4 guidelines (criteria 2.4.6)](https://developer.mozilla.org/en-US/docs/Web/Accessibility/Understanding_WCAG/Operable#guideline_2.4_%E2%80%94_navigable_provide_ways_to_help_users_navigate_find_content_and_determine_where_they_are)
i've closed that ticket, but the issue still exists elsewhere. heading tags are being used for styling (padding, font-size, etc.) and that's breaking the semantics of the page. bootstrap makes this easy to fix by providing the `.h1` through `.h6` classes, which can be used to style an element like a heading, without breaking the page semantics.
we should comb through templates looking for headings that break the page semantics, and fix thosehttps://gitlab.torproject.org/tpo/anti-censorship/gettor-project/OnionSproutsBot/-/issues/56"The Tor Browser" -> "Tor Browser"2024-02-27T11:04:51ZRoger Dingledine"The Tor Browser" -> "Tor Browser"In working on https://gitlab.torproject.org/tpo/web/support/-/issues/341 I noticed that gettor has "the Tor Browser" in its strings too.
We should go through and get rid of the "the" when appropriate.
There is also a screenshot on the ...In working on https://gitlab.torproject.org/tpo/web/support/-/issues/341 I noticed that gettor has "the Tor Browser" in its strings too.
We should go through and get rid of the "the" when appropriate.
There is also a screenshot on the https://tb-manual.torproject.org/downloading/ page that could probably use an update once the new strings are in place.
We could also use this opportunity to update the rest of the strings as needed, but it is fine if not too. :) Thanks!https://gitlab.torproject.org/tpo/web/community/-/issues/327Clienth Authorization might need a full restart2023-11-23T15:37:47ZSilvio RhattoClienth Authorization might need a full restartWhen updating [Client Authorization][] keys, seems like a `systemctl reload tor` won't update the configuration (as it's currently documented), and a full restart is required.
Needs more testing to confirm if that's the case, and fix th...When updating [Client Authorization][] keys, seems like a `systemctl reload tor` won't update the configuration (as it's currently documented), and a full restart is required.
Needs more testing to confirm if that's the case, and fix the documentation if needed (or fill a bug upstream if it's expected that a `reload` should trigger a config update in this case).
[Client Authorization]: https://community.torproject.org/onion-services/advanced/client-auth/https://gitlab.torproject.org/tpo/onion-services/onionbalance/-/issues/23GitHub pages2024-01-30T12:28:21ZSilvio RhattoGitHub pagesConfigure GitHub Pages to be used as a mirror for the documentation.Configure GitHub Pages to be used as a mirror for the documentation.Onionbalance 0.2.3https://gitlab.torproject.org/tpo/tpa/dangerzone-webdav-processor/-/issues/24don't clobber files in `safe/`2023-09-21T20:29:51ZKezdon't clobber files in `safe/`with the changes from !14, safe files have their file extension changed to .pdf. for example: `document.docx -> safe/document.pdf`
now consider dangerzone processes files with the same basename, but different file extensions: `document....with the changes from !14, safe files have their file extension changed to .pdf. for example: `document.docx -> safe/document.pdf`
now consider dangerzone processes files with the same basename, but different file extensions: `document.docx -> safe/document.pdf` and `document.doc -> safe/document.pdf`. one of these two files will be clobbered. that's fine if both documents are the same contents under a different document format, but it's a problem if they're different documents, something is doing to disappear.
DWP should, on file upload, check if the remote destination already exists. if it does, it should do something similar to firefox, and attempt to upload it as `document (1).pdf`, `document (2).pdf`, etc.https://gitlab.torproject.org/tpo/web/support/-/issues/334Add onion services PoW to the glossary and other parts of the docs2023-11-06T19:44:05ZemmapeelAdd onion services PoW to the glossary and other parts of the docswe can use https://blog.torproject.org/introducing-proof-of-work-defense-for-onion-services/ as a base to add Onion Services PoW to the docs.we can use https://blog.torproject.org/introducing-proof-of-work-defense-for-onion-services/ as a base to add Onion Services PoW to the docs.https://gitlab.torproject.org/tpo/core/torsocks/-/issues/40017warning: implicit declaration of function 'conf_file_set_enable_ipv6'2023-09-20T14:40:53Zmilahuwarning: implicit declaration of function 'conf_file_set_enable_ipv6'ideally the build should finish without warnings
```
config-file.c: In function 'parse_config_line':
config-file.c:184:23: warning: implicit declaration of function 'conf_file_set_enable_ipv6' [8;;https://gcc.gnu.org/onlinedocs/gcc/Warn...ideally the build should finish without warnings
```
config-file.c: In function 'parse_config_line':
config-file.c:184:23: warning: implicit declaration of function 'conf_file_set_enable_ipv6' [8;;https://gcc.gnu.org/onlinedocs/gcc/Warning-Options.html#index-Wimplicit-function-declaration-Wimplicit-function-declaration8;;]
184 | ret = conf_file_set_enable_ipv6(tokens[1], config);
| ^~~~~~~~~~~~~~~~~~~~~~~~~
config-file.c: In function 'conf_file_set_socks5_user':
config-file.c:332:9: warning: '__builtin_strncpy' output truncated before terminating nul copying as many bytes from a string as its length [8;;https://gcc.gnu.org/onlinedocs/gcc/Warning-Options.html#index-Wstringop-truncation-Wstringop-truncation8;;]
332 | strncpy(config->conf_file.socks5_username, username, strlen(username));
| ^
config-file.c:325:13: note: length computed here
325 | if (strlen(username) > sizeof(config->conf_file.socks5_username)) {
| ^~~~~~~~~~~~~~~~
config-file.c: In function 'conf_file_set_socks5_pass':
config-file.c:364:9: warning: '__builtin_strncpy' output truncated before terminating nul copying as many bytes from a string as its length [8;;https://gcc.gnu.org/onlinedocs/gcc/Warning-Options.html#index-Wstringop-truncation-Wstringop-truncation8;;]
364 | strncpy(config->conf_file.socks5_password, password, strlen(password));
| ^
config-file.c:357:13: note: length computed here
357 | if (strlen(password) > sizeof(config->conf_file.socks5_password)) {
| ^~~~~~~~~~~~~~~~
```
[torsocks-2.4.0-unstable-2022-08-09-build.log](/uploads/702c8aab587a699c2634df815788b001/torsocks-2.4.0-unstable-2022-08-09-build.log)https://gitlab.torproject.org/tpo/network-health/tor-weather/-/issues/71Password Complexity Requirement lack of SSO2023-06-07T09:46:47ZAnonymous420Password Complexity Requirement lack of SSOAccounts currently do no require any complexity of passwords. A single char password is allowed.
Bonus points if you allow SSO with https://gitlab.onionize.space/ or GitLab accounts.Accounts currently do no require any complexity of passwords. A single char password is allowed.
Bonus points if you allow SSO with https://gitlab.onionize.space/ or GitLab accounts.https://gitlab.torproject.org/tpo/onion-services/cebollitas/-/issues/12CI/CD with tests2023-05-09T17:32:05ZSilvio RhattoCI/CD with testsSetup CI/CD with tests for each example.Setup CI/CD with tests for each example.https://gitlab.torproject.org/tpo/onion-services/cebollitas/-/issues/11Examples should output the generated .onion address2023-05-09T17:32:05ZSilvio RhattoExamples should output the generated .onion addressExamples should output the generated .onion address similar to what [onion-desktop](https://github.com/scanlime/onion-desktop) does:
* [ ] As text.
* [ ] As a QR Code.
This helps users to figure out where they should connect to and rep...Examples should output the generated .onion address similar to what [onion-desktop](https://github.com/scanlime/onion-desktop) does:
* [ ] As text.
* [ ] As a QR Code.
This helps users to figure out where they should connect to and replaces the need to type a complicated docker command to get this information.https://gitlab.torproject.org/tpo/onion-services/cebollitas/-/issues/10GitLab pages with l10n plugin2023-05-09T17:32:05ZSilvio RhattoGitLab pages with l10n pluginSetup GitLab pages with l10n plugin and using [onion-mkdocs](https://rhatto.pages.torproject.net/onion-mkdocs/).Setup GitLab pages with l10n plugin and using [onion-mkdocs](https://rhatto.pages.torproject.net/onion-mkdocs/).